SAP Associate Consultant
Resume:
Employment Summary
Total * yearsof experience in the field of information technology risk and controls, with specialized experience on SAP Application Security design, build and support and teaching.I have experience of security and authorization of ECC security, HR and GRC AC. I have worked on SOX controls and Business Process controls along with SAP security role design and segregation of duties design. Worked on Virsa Firefighter and Virsa compliance calibrator tools. Have experience of Security role implementation, support and roll out, role design projects.
EDUCATIONAL QUALIFICATIONS
Bachelor of Computer Science (B.Sc) Osmania University, Hyderabad, Telangana.
TECHNICAL SKILLS
●Technology : SAP Security ECC 6.0, GRC-AC 10.x
●Platforms : Windows, Linux
●Tools : Service Now, CPS, JIRA
Professional Experience
LARSEN&TOUBRO INFOTECH LTD(LTI) Oct 2020-Till Date.
Project : PBF Energy (SAP & Non-SAP Systems)
Job Title : Associate Consultant
Team Size: 4
Key Responsibilities:
Working on SAP ECC, GRC and SOLMAN systems.
Working on Non-SAP systems Ariba, DB, Chemical,Track, RAS,Power Plan systems.
Working on Zema,Octopus,Sabrix and Tableau systems.
Performed risk analysis using ARA for users and roles in execution and simulation modes.
Performed mitigation against various risks for users & roles.
Activating application in client (SPRO), Check sap ICF service (SICF), Activating BC sets.
Adding the connector to auth scenario, enabling the right rule set.
Assign connector to the logical groups, Generating rule set, job synchronizing authorization, Run the first analysis.
Creating the Fire-fighter-Id with Emergency access.
Assigning the Fire fighter-id to fire fighters with proper approvals.
Performed User & Role analysis to find the existing SOD violation for users and roles.
Configured MSMP workflows
End to End SAP GRC 10.0 Implementation of ARA,ARM,BRM,EAM
Configured ARA tool for rules design, SOD, remediation and migration controls
Performing remediation and mitigation against various risks associated with roles and users
Creating and assigning FF ID’s and extracting Fire Fighter logs
Analyse and fix the missing authorizations.
Extensively worked on SUIM in generating reports for and analysing authorization issues
Locking/deactivating accounts as per client request
Restricting authorizations of fields, field values
Worked on Fire fighter to assign FF IDs to ID Owners & Controllers and maintaining reason codes
Responsible for designing and working on process enhancements
Responsible for coordinating between onsite and offshore project team for smooth execution of project activities
Interacting with other SAP teams and technical teams to resolve security issues
Coordinate workshops and discussions across various processes and departments (Purchasing, Sales, FI, HR, MM, etc.) and gathered the security and control requirements
Performing remediation and mitigation against various risks associated with roles and users
Creating and assigning FF ID’s and extracting Fire Fighter logs
Worked on Detailed design document (DDD’s) and Work packages
Provide periodic progress feedback to Security Operations Manager on Security Activities, Risks and Issues.
Creation of Roles, Profiles, Authorizations Adding Authorization Objects.
User administration like creating, modifying and password resetting based on user request.
Managed and created new users, groups for easy administration.
Mass user maintenance through SU10 and handling user issues through SU53, SU56 and System Trace ST01,STAUTHTRACE
Extensively used SUIM transaction code for security analysis.
Analyse and fix the missing authorizations.
Extensively worked on SUIM in generating reports for and analysing authorization issues
Locking/deactivating accounts as per client request
Restricting authorizations of fields, field values
Worked on Fire fighter to assign FF IDs to ID Owners & Controllers and maintaining reason codes
Responsible for designing and working on process enhancements
Responsible for coordinating between onsite and offshore project team for smooth execution of project activities
Interacting with other SAP teams and technical teams to resolve security issues
Coordinate workshops and discussions across various processes and departments (Purchasing, Sales, FI, HR, MM, etc.) and gathered the security and control requirements
Performed Job/position level SOD analysis and provided recommendations on resolving the SOD Conflicts from positions
Worked on gathering business requirements, analyzed, built, tested and implemented security
Designed security structure for development and IT support teams across all systems in landscape
Prepared test scripts for security unit testing and integration testing
Handled production cutover activities and go live support
Created single and composite roles
Created master and derive roles
Created user accounts and assigned roles and profiles
Involved in troubleshooting security issues during Security Unit and Integration testing cycles. Performed root cause analysis of the issues encountered and resolved them
Worked on ad hoc requests related to security
Creating SAP user accounts as per the client request
User role Modifications and maintenance.
KPMG Feb'2020–Sept 2020.
Project: VIACOM 18
Title: Associate Consultant
Team Size: 4
Key Responsibilities:
Implemented GRC Access Control Suite. Configured SAP GRC components ARA, ARM and EAM
Configured MSMP workflows
End to End SAP GRC 10.0 Implementation of ARA,ARM,BRM,EAM
Configured ARA tool for rules design, SOD, remediation and migration controls
Performing remediation and mitigation against various risks associated with roles and users
Creating and assigning FF ID’s and extracting Fire Fighter logs
Worked on Detailed design document (DDD’s) and Work packages
Provide periodic progress feedback to Security Operations Manager on Security Activities, Risks and Issues
Overall Role Management (Creation/Change/Deletion of role)
Configured logon parameters using system profiles.
Worked on User Missing authorizations and assigned based on the approvals.
Worked on Important authorization objects like S_DEVELOP, S_PROGRAM, and S_TABU_DIS.
Maintaining the USR40 table for illegal password
Good working knowledge of AGR* tables
Supported users at different levels for the security issues.
Maintaining Connectors and Connection Type
Maintaining Connection Settings, Connector settings, & Configuration settings – Parameters
Configuring the AC Owners, Role Owners in Assignment Approver, Role Concept Approver Mitigating approver and monitor etc.
Finalized the list of GRC predefined roles to be assigned to each owner as required.
Maintaining Rule Set, Function ID & Risk ID with Risk Owners and generating rules
Created Mitigation Approvers & Monitors and created mitigating IDs
Scheduling Background jobs related to Authorization, Repository Object, Action Usage and Role Usage Jobs.
Generated MSMP Rule for Process, defined Business Rule Framework through BRF+, Mapped BRF+ application with MSMP workflow and defined request types for Process ID.
Hexaware India March’2018 - Feb' 2020
ClientGate Group International
TITLE: Senior Software Engineer
Team Size: 3
Key Responsibilities:
Implemented GRC Access Control Suite. Configured SAP GRC components ARA, ARM and EAM.
Had an opportunity to take part in Implementation & support project of SAP GRC ACCESS CONTROL 10.1.
Configured common settings like GRC AC post-installation tasks through specific IMG Activity nodes.
Performed risk analysis using ARA for users and roles in execution and simulation modes.
Performed mitigation against various risks for users & roles.
Activating application in client (SPRO), Check sap ICF service (SICF), Activating BC sets.
Adding the connector to auth scenario, enabling the right rule set.
Assign connector to the logical groups, Generating rule set, job synchronizing authorization, Run the first analysis.
Creating the Fire-fighter-Id with Emergency access.
Assigning the Fire fighter-id to fire fighters with proper approvals.
Performed User & Role analysis to find the existing SOD violation for users and roles.
Configured MSMP workflows
End to End SAP GRC 10.0 Implementation of ARA,ARM,BRM,EAM
Configured ARA tool for rules design, SOD, remediation and migration controls
Performing remediation and mitigation against various risks associated with roles and users
Creating and assigning FF ID’s and extracting Fire Fighter logs
Analyse and fix the missing authorizations.
Extensively worked on SUIM in generating reports for and analysing authorization issues
Locking/deactivating accounts as per client request
Restricting authorizations of fields, field values
Worked on Fire fighter to assign FF IDs to ID Owners & Controllers and maintaining reason codes
Responsible for designing and working on process enhancements
Responsible for coordinating between onsite and offshore project team for smooth execution of project activities
Interacting with other SAP teams and technical teams to resolve security issues
Coordinate workshops and discussions across various processes and departments (Purchasing, Sales, FI, HR, MM, etc.) and gathered the security and control requirements
Performing remediation and mitigation against various risks associated with roles and users
Creating and assigning FF ID’s and extracting Fire Fighter logs
Worked on Detailed design document (DDD’s) and Work packages
Provide periodic progress feedback to Security Operations Manager on Security Activities, Risks and Issues.
Creation of Roles, Profiles, Authorizations Adding Authorization Objects.
User administration like creating, modifying and password resetting based on user request.
Managed and created new users, groups for easy administration.
Mass user maintenance through SU10 and handling user issues through SU53, SU56 and System Trace ST01,STAUTHTRACE
Extensively used SUIM transaction code for security analysis.
Analyse and fix the missing authorizations.
Extensively worked on SUIM in generating reports for and analysing authorization issues
Locking/deactivating accounts as per client request
Restricting authorizations of fields, field values
Worked on Fire fighter to assign FF IDs to ID Owners & Controllers and maintaining reason codes
Responsible for designing and working on process enhancements
Responsible for coordinating between onsite and offshore project team for smooth execution of project activities
Interacting with other SAP teams and technical teams to resolve security issues
Coordinate workshops and discussions across various processes and departments (Purchasing, Sales, FI, HR, MM, etc.) and gathered the security and control requirements
Performed Job/position level SOD analysis and provided recommendations on resolving the SOD Conflicts from positions
Worked on gathering business requirements, analyzed, built, tested and implemented security
Designed security structure for development and IT support teams across all systems in landscape
Prepared test scripts for security unit testing and integration testing
Handled production cutover activities and go live support
Created single and composite roles
Created master and derive roles
Created user accounts and assigned roles and profiles
Involved in troubleshooting security issues during Security Unit and Integration testing cycles. Performed root cause analysis of the issues encountered and resolved them
Worked on ad hoc requests related to security
Creating SAP user accounts as per the client request
User role Modifications and maintenance.
Maintaining Authorizations/Profiles/Roles using profile generator.
Personal Details:
Name : Basha Shaik
Date of Birth : 13-06-1988
Marital Status : Married
Passport Number : N0887051
Languages Known : English, Telugu, Kannada and Hindi.
Contact this candidate